Blog Archives

Facebook’s Anti-Virus Marketplace turns focus to URL blacklist system

Summary: Facebook continues to maintain that security is a primary focus as its Anti-Virus Marketplace gets stocked with more solutions from the likes of Avira, Kaspersky, and Webroot.

Facebook has announced that it is expanding its Anti-Virus Marketplace through the addition of seven more security solutions providers to its coalition.

That group consists of Avast, AVG, Avira, Kaspersky, Panda, Total Defense, and Webroot.

Launched earlier this year, the Anti-Virus Marketplace is the product of a partnership with anti-virus software providers that offer Facebook users with free software to keep their computers secure.

Facebook reps said that approximately 30 million people have already visited the Anti-Virus Marketplace since its unveiling in April.

In July, the world’s largest social network continued to develop upon its security agenda with theintroduction of Malware Checkpoint, which enables Facebook to direct users who think their computer might be infected to sites where they can get free anti-virus software.

According to a blog post on the Facebook Security blog on Tuesday morning, one of the primary objectives now for these partners is to help improve Facebook’s URL blacklist system, which scans trillions of clicks per day and consults the databases of all Anti-Virus Marketplace partners to ensure sites are safe.

Effective security must be a cooperative effort; by adding these new partners to the Facebook Security family we are sure we can keep our community even better protected from threats both on Facebook and elsewhere on the web.

In addition to these new partners, some of Facebook’s existing partners — including Microsoft, McAfee, TrendMicro, Sophos, and Symantec — will begin offering anti‑virus software for mobile devices. Their free anti-virus software is also available for PC and Mac.

Original post at—

Thanks for reading. hope it might helped you.

How Phishing Works ?

phishing : ehack

phishing : ehack

Suppose you check your e-mail one day and find a message from your bank. You’ve gotten e-mail from them before, but this one seems suspicious, especially since it threatens to close your account if you don’t reply immediately. What do you do?

This message and others like it are examples of phishing, a method of online identity theft. In addition to stealing personal and financial data, phishers can infect computers with viruses and convince people to participate unwittingly in money laundering.

Most people associate phishing with e-mail messages that spoof, or mimic, banks, credit card companies or other business like Amazon and eBay. These messages look authentic and attempt to get victims to reveal their personal information. But e-mail messages are only one small piece of a phishing scam.

From beginning to end, the process involves:

  1. Planning. Phishers decide which business to target and determine how to get e-mail addresses for the customers of that business. They often use the same mass-mailing and address collection techniques as spammers.
  2. Setup. Once they know which business to spoof and who their victims are, phishers create methods for delivering the message and collecting the data. Most often, this involves e-mail addresses and a Web page.
  3. Attack. This is the step people are most familiar with — the phisher sends a phony message that appears to be from a reputable source.
  4. Collection. Phishers record the information victims enter into Web pages or popup windows.
  5. Identity Theft and Fraud. The phishers use the information they’ve gathered to make illegal purchases or otherwise commit fraud. As many as a fourth of the victims never fully recover [Source:Information Week].

If the phisher wants to coordinate another attack, he evaluates the successes and failures of the completed scam and begins the cycle again.

Phishing scams take advantages of software and security weaknesses on both the client and server sides. But even the most high-tech phishing scams work like old-fashioned con jobs, in which a hustler convinces his mark that he is reliable and trustworthy. Next, we’ll look at the steps phishers take to convince victims that their messages are legitimate.

Thanks for reading. hope it might helped you.

Latest Mac malware adds to ‘troubling trend,’ says security expert

Summary: Apple has updated its XProtect definitions after a new malware variant appeared, targeting Russian social network users. One security expert says the increase in OS X-specific malware is “troubling.” However, the increase in Mac malware should not be overblown.

ehack : mac malware

ehack : mac malware

Earlier this week, Apple updated XProtect, the built-in OS X anti-malware service, with new definitions to help combat a new Trojan designed for the Mac operating system, dubbed Trojan.SMSSend.3666.

While already in wide circulation of Windows users, the Trojan made its debut on OS X machines in this new malware strain. Trojan.SMSSend.3666 is a fake installer application that claims to play music across Russian social network, which can be downloaded from a variety of sources, and attempts to deceive the user into entering a cell number to activate the software. In doing so, it subscribes the cell user to a chargeable subscription service that debits mobile phone accounts regularly.

Apple updated XProtect in a two-day turnaround, despite the low threat posed by the malware. Numerous other Mac-focused third-party anti-virus services were updated within 24 hours.

In the past year alone, Apple has combated a number of malware attacks to its OS X operating system. Flashback resulted in more than 600,000 Apple machines being infected earlier this year. And, while the increase in OS X malware shows a “troubling trend,” according to one Mac expert, most Mac users should not panic, but also not remain complacent.

Security and Mac expert Thomas Reed said that Russian malware writers were likely behind the Trojan and are “aiming at a target that they are familiar with.”

While Flashback was a problem for Mac users worldwide, an increasing amount of Mac-related malware is focused on users outside the U.S, according to Reed. “Many have been aimed specifically at Tibetan human rights groups and the Dalai Lama.”

But above all else, the overall Mac malware threat should be not be underestimated for the future, but not be overestimated for the present. The latest Trojan.SMSSend malware is, “not really a big deal, but it adds to a troubling trend,” Reed told ZDNet.

“By my current count, including SMSSend, there are now 35 different malware families that have ever affected OS X. Most of those are strung out over the history of OS X, but ten [around 28 percent] of all those malware families appeared this year alone.” He added this rises to 11 out of 36 — or just over 30 percent — if you count the 2011 and 2012 variants of Flashback as different.

Reed said that over the past year, “Macs have become a larger target for malware writers, due to their newfound popularity.” But, he warned that the increased threat should be taken with a pinch of salt and not be blown out of proportion.

In the fourth quarter alone, Apple said during its earnings that it had sold 4.9 million Macs during the three month period ending in September, an increase of 1 percent on the same quarter a year ago. Apple also shipped more Macs than any other machines sold by individual PC manufacturer during the same quarter, the firm said.

According to Net Applications, Apple has a Mac market share of 7.3 percent as of November, an increase of more than 1 percentage point during the same month a year ago.

As Reed notes, ten new strains of Mac malware per year is still quite low relative to the Windows world. The bigger threat is social engineering, which is harder to block with technology. Reed said: “…obviously there will always be users who can be tricked into doing something they shouldn’t.”

Thanks for reading. hope it might helped you.

Is Demonoid gone for good?

It turned out, according to a statement supplied to TorrentFreak, that Demonoid had been taken down by a massive Distributed Denial of Service (DDoS) attack. The site’s administrator reportedly said the fix could take a while, and so the waiting game began. A full week passed, and then last night, the server was turned off completely and the site started serving up a 404 (Not Found error message).

A fake Facebook Page for the Demonoid website said the website was taken down on purpose to work on fixing the issues. I fell for the hoax earlier today and after it was pointed out to me, I immediately tried to contact Demonoid’s administrator for a statement explaining what is really happening.

In the meantime, I’ve been checking the site all day, which kept giving me a 404. About half an hour ago, however, the page loaded something, which in turn redirected to a random website full of advertisements. I tried going to a few more times, and every time it was a different nonsense website. Finally, it seemed to settle on the website you see pictured above. If I tried to keep refreshing, I would eventually get a bogus website again.

All these websites look like the ones you see when you go to a domain that is up for sale or is being kept around for generating ad revenue from random visitors looking for something. For example, if you go to or, you’ll see something similar. If this is what is happening to, then the owner will likely make quite a bit of money.

The thing is, it doesn’t look as if the owner has changed. The following whois lookup for Demonoid suggests something may have changed last night, although the expiration date is still more than two years from now:

Domain ID:D1703141-ME
Domain Create Date:28-Nov-2010 23:49:19 UTC
Domain Last Updated Date:31-Jul-2012 12:28:28 UTC
Domain Expiration Date:28-Nov-2014 23:49:19 UTC

Is this really just a consequence of the DDOS attack last week or is there something bigger happening? Is this some kind of anti-piracy initiative? Is Demonoid dead or will the site resurface once again under a different domain (remember, Demonoid originally started at

Again, I’ve attempted to contact Demonoid’s administrator for an explanation of what’s happening. I will update you if and when I hear back.

Update on August 2 – The site is back to being down and the administrator is still unreachable. As a reader points out, the domain registration was updated again.

Meanwhile, TorrentFreak also hasn’t had much luck getting in touch with Demonoid’s staff, and says the situation doesn’t look good:

For now we’ll just have to wait, but it wouldn’t come as a shock if Demonoid remained down for months. Equally, and this is a distinct possibility given all the variables, don’t be surprised if its doors stay closed for good.

ehack : ethical hacking

hello friends !!
Greeting for the day, from the team of “ehack: ethical hacking” !!
check out our new rediff page–

%d bloggers like this: